alert Epik Had A Major Breach

[Silentptnr]

Just read this. Looks like Epik may have been hacked and sensitive data compromised...

Read here:
https://domainnamewire.com/2021/09/14/hackers-claim-significant-epik-breach/

Thought I would share this.

 

[tonyk2000]

Mainstream media? Discussing technology issues is not an easy task. Do the authors have enough knowledge to understand all the terms (to begin with), and to make an outcome readable for general public? Not obvious. If they want to publish some sort of a digest from twitter + wikipedia, they did exactly this.

Now, if we are trying to correct wording in this or that article - one can just think about the following logical task:

Yes Or No?
@ Username, did you stop drinking whiskey every morning? Please just answer yes or no.

Which is why - being an IT professional, I'd appreciate better coverage of the topic in mainstream media (= articles rewritten from scratch), but I also undersand that the chances of this are close to zero.

 

[Beezy]

This article in question is about how the data is being used to connect these groups that were using epik, or epik services, or services epik specifically bought to support these groups.

I'm sure all of the blogs in this industry have written about these things, there are many posts on this forum about them, there are entire profiles devoted to defending the decisions to harbor these groups on this forum in fact (not to mention Chris Hydrick image posts connected it all).

So the surprise is a joke. That article looks legit.

Anyway, back to the hack...

 

[Chris Hydrick]

Which is why - being an IT professional, I'd appreciate better coverage of the topic in mainstream media

https://domainnamewire.com/2021/09/21/takeaways-from-the-epik-hack-call/
BY ANDREW ALLEMANN — SEPTEMBER 21, 2021

...I think the Swastika guy interaction has been taken out of context

Finally, I’d be remiss if I didn’t defend Monster on one thing. I saw some chatter on Twitter about a guy with a Swastika showing up to the meeting, and Monster saying, “Much love to you.” If you read the totality of the conversation, it’s clear that Monster doesn’t approve of this person’s actions and rhetoric.

....

In other #EpikFail twitter news::

https://twitter.com/x/status/1440599124013768709

https://twitter.com/x/status/1440613712314855424

...

https://twitter.com/x/status/1440605831737659405

...

https://twitter.com/x/status/1440605639231762432

 

[Beezy]

It is not clear!

He was trying to negotiate with people for his own personal reputation, and then someone came in to ruin his reputation and he PRETENDED for a moment that he didn't even know who he was, before he was all "oh, i know who you are, etc." He was flustered because it was blowing up his attempt at looking OK.

There is my professional opinion.

People's data has been secondary this entire time to that man.

 

[Beezy]

He was negotiating people editing his wikipedia page and huffington post article (in his mind), and then his philosophical buddy came in. Oops. You saw that play out.

 

[FiniteCrystal]

@Samer Please stop, I can tell from your profile and contributions to this thread that you're a massive Epik fanboy, but it doesn't matter what you say in their defense. They screwed up massively, they stored tons of data that they shouldn't have been storing at all, stored tons of sensitive data in a horrible insecure way, and ignored serious security problems despite people trying to get in contact with them. Your "confidence" that everything is fine comes off as super desperate. Being willingly oblivious to how bad the problem is doesn't make it magically disappear.
[insert "This Is Fine" dog meme here]

 

[karmaco]

@Samer Please stop, I can tell from your profile and contributions to this thread that you're a massive Epik fanboy, but it doesn't matter what you say in their defense. They screwed up massively, they stored tons of data that they shouldn't have been storing at all, stored tons of sensitive data in a horrible insecure way, and ignored serious security problems despite people trying to get in contact with them. Your "confidence" that everything is fine comes off as super desperate. Being willingly oblivious to how bad the problem is doesn't make it magically disappear.
[insert "This Is Fine" dog meme here]

He is a massive fanboy which is his perogative. Whats far more interesting is someone joining and going right to this thread for a first post. Not what new domainers do when joining this forum. Its common courtesy to go introduce yourself in the designated area or do we allready know you…

 

[FiniteCrystal]

He is a massive fanboy which is his perogative. Whats far more interesting is someone joining and going right to this thread for a first post. Not what new domainers do when joining this forum. Its common courtesy to go introduce yourself in the designated area or do we allready know you…

I'm sorry. I'm not a huge domainer, I joined because I was interested in this thread and several of my Tweets have been posted above. Thanks for that, btw, @Chris Hydrick

 

[Armageddon]

No, I don't have anything to do with Anonymous, I'm not even a hacker, just a Twitter user with some computer skills investigating the extent of the damage, Epik's horrible security practices, and why their systems were designed so poorly. Why exactly are you accusing me of a bunch of conspiratorial nonsense? I'm certainly not a fan of Epik, but that was uncalled for.

Well if you are not a domainer , not Anonymous - stay on Twitter and let big boys to talk & handle this
Like you are a lot here as members & don't have a clue about domain names , about people in this business
Anonymous ( if they really are the original - but i don't think so ) they have just pure luck to hack , or is a ex partner or employee that look for revenge on Epik and/or Rob - from my point of view is very simple - Rob will fix this & world will go further

 

[Samer]

No, wtf are you talking about?

I'm not your arch-nemesis, I just think your bending over backwards to defend Rob Monster is cringe.

I’m still waiting for @Rob Monster update.

I will not give up,

Making a NP acc to attack Rob & pile on 1st is “cring(ier)”

Welcome to NP!

Samer

 

[FiniteCrystal]

Your first post is attacking their #1 fan.

Your entire perogative is uncalled for

At least you can admit that you're an extremely dedicated fanboy. I wasn't attacking you, I was criticizing your behaviour. That just happened to be my first post, it's not like I created my account just to leave that comment. I've been lurking in this thread for a couple days and considering making an account for a while.

I’m still waiting for @Rob Monster update.

I will not give up,

Making a NP acc to attack Rob & pile on 1st is “cring(ier)”

Welcome to NP!

Samer

I'm not here to attack Rob and "pile on", I'm here to discuss how badly Epik screwed up their systems. I think Rob Monster has done a lot of indefensible things but I frankly don't care about people like him either way.

 

[FiniteCrystal]

Well if you are not a domainer , not Anonymous - stay on Twitter and let big boys to talk & handle this
Like you are a lot here as members & don't have a clue about domain names , about people in this business
Anonymous ( if they really are the original - but i don't think so ) they have just pure luck to hack , or is a ex partner or employee that look for revenge on Epik and/or Rob - from my point of view is very simple - Rob will fix this & world will go further

I didn't say I don't know about domain names, I said I'm not a domainer. I know a decent amount about how they work and whatnot. I don't know what the hell bone you have to pick with me, but I must admit you're not giving me a very positive impression about this community. If you're a big Epik fan too, it's okay, I don't care who you register your domains with, I just wouldn't trust Epik.

 

[Shackleton]

Samer's behavior is super cringy. But not nearly as cringe as being the CEO of the go-to company for an organization on a country's list of terrorist entities.

 

[Armageddon]

I didn't say I don't know about domain names, I said I'm not a domainer. I know a decent amount about how they work and whatnot. I don't know what the hell bone you have to pick with me, but I must admit you're not giving me a very positive impression about this community. If you're a big Epik fan too, it's okay, I don't care who you register your domains with, I just wouldn't trust Epik.

If you don't trust in Epik - move on they are a lot other registrars this what do domainers
Epik is not the first & not last registrar

 

[Shackleton]

Anyone with an account can post here. You are not the Namepros community gatekeeper.

 

[carob]

I'm not here to attack Rob and "pile on", I'm here to discuss how badly Epik screwed up their systems.

You're very welcome here, and you don't need to explain yourself. We've been positively encouraging people to join this thread, partly so the info about what happened at Epik can be accurate and understood.

There are some strong pro and anti Epik sentiments here and various discussion threads including a long one about Rob Monster - it's hard to ignore him if he owns 80% of the company and effectively controls it entirely.

Often discussions between domainers boil down to shouting "I'm a better domainer than you" - it's a very insecure business and you need to filter some noise here on NP.

Let's hope we can all stay civil and stay on topic.

 

[FiniteCrystal]

Definitely you don't know nothing about domain names business & this community
RESPECT , TRUST , HONESTY are the most important here on NP & of course in domain name business

That's pretty ironic coming from someone who attacked me for saying some mean things about a company that lied to their customers for a decade about how secure their stuff was.

 

[Future Sensors]

Can we get back to talking about the hack now?

+1

Welcome.

 

[Armageddon]

That's pretty ironic coming from someone who attacked me for saying some mean things about a company that lied to their customers for a decade about how secure their stuff was.

You don't know what you say , you don't know Rob , Epik , GoDaddy , DynaDot , Sav , Rick S. , Eric. L etc...you are just a dude

 

[jmcc]

I didn't say I don't know about domain names, I said I'm not a domainer. I know a decent amount about how they work and whatnot.

The problem with the Epik compromise, as you already know, is that it is about much more than domain names. There's a whole business to domain names and registrars that is being ignored because of the focus on politics. As was pointed out earlier, some of the domain names that were in the Epik data were not registered via Epik or were deleted. If you have any questions about the industry, it might be better to ask them here as there is a wide range of expertise on Namepros.

Regards...jmcc

 

[Kingslayer]

Anyone with an account can post here. You are not the Namepros community gatekeeper.

I agree. These are the type of things Epik are apparently all about (freedom of speech and people not being silenced no matter views) and to be fair to Rob, he’s not trying to silence people, even though it must hurt people talking about his business in a negative way.

I do think ‘some’ people here (and on Twitter) don’t care what’s happened to Epik, don’t care who’s effected and just loving all the drama and trying to stir as much as they can, I don’t agree with that!

It’s all going to come out sooner rather than later after in depth investigations whether there is some negligence by Epik or not, wait until that happens.

 

[FiniteCrystal]

You don't know what you say , you don't know Rob , Epik , GoDaddy , DynaDot , Sav , Rick S. , Eric. L etc...you are just a dude

Not a dude. I don't know Rob on a personal level, no. I do know that the way he has responded to this hack is completely insane. He also runs a company that willingly platforms some of the most vile and hateful crap on the internet and hired Joey Camp to go after journalists. In my opinion his actions are indefensible. I'm done talking to you. You're acting like an elitist gatekeeping jerk and you're assuming I know nothing about domains and registrars just because I said I'm not a domainer. I've dabbled in domains, I just don't consider them an investment.

 

[FiniteCrystal]

Also, I find it super cringe the first comment coming from a new account is all about attack,

I find it super cringe that certain members here attacked and smeared a researcher for criticizing someone's unconditional support for the company that they're researching. In retrospect, I shoudn't have replied to Samer's comment. I certainly shouldn't have made it my first post, but I do stand by everything that I said.

You want to be objective? Epik was storing tons of data that they probably shouldn't have stored at all, in plain text. That's a fact. Does anyone have any interesting questions as to what that data includes? I'd be happy to take a look and report back.

Please note: I am only going to confirm or deny if certain sensitive data was being stored by Epik in an insecure or stupid manner. I have no intention to post any PII from the hack, except possibly censored screenshots to prove I'm not fake news.

 

[Silentptnr]

Anonymous Hack Triggers Massive Data Dump on Proud Boys, QAnon

https://www.thedailybeast.com/anony...-proud-boys-qanon-8chan?source=cheats&via=rss

 

[FernandoBMS]

Does anyone have any interesting questions as to what that data includes?

Could you summarize some of the things you already discovered and/or confirmed?